XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Device specific web filtering for XG as in SG firewall

    Allow web filtering policy based on device types - Chromebooks, IOS, MAC OS, among other device types including Windows and Linux. This was really very useful in SG firewall

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Lifestyle Says

    Lifestyle says brings you a plethora of fashion, health, travel, etc. for the ever young and vivacious you. Keep yourself updated on the recent trends and innovation in the Lifestyle sector. We let you live your life to the fullest, enjoying every moment.

    http://www.lifestylesays.com/

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. URL Rewrite

    I'd like the ability to rewrite a URL for outbound proxy connections.

    For example, this could be used to remove or inject a specific setting into the query string for specific websites.

    I believe this is similar to how search engine "Safe Search" is set/enforced, but this could be set for other websites as well.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Map IP Address to a user

    I'd like to ability to map an unauthenticated IP Address to a particular user.

    This could require the user to 'sign-in' the first time, and have the firewall 'remember' their device/static IP address, or it could be set manually in the firewall for an IP address/range/list.

    This would need to work transparently with other authentication methods, such as Active Directory

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. allow exclusions for certificate validation

    for Web Protection it would be good to have the option to download / exclude certificates for certificate Validation (Block invalid certificates in General Settings).
    the setting like we have in SWA is missing in XG: http://wsa.sophos.com/docs/wsa/webhelp/swa/tasks/ConfigGlobalPolCertValidAddFromWeb.html

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Web Block Tags

    When users see a blocked page it would be beneficial to see what group they belong to so that adjustments could be made quickly.

    Currently the only supported tags are: {user}{url}{category}

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. need require interface internet date, timing with speed wise report monthly

    need require interface internet date, timing with speed wise report

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. OCSP stapling

    OCSP stapling for the XG Webproxy.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Quota Time in actions (Policy Web Protection)

    add the option Surfing Quota in actions in the policies of the web protection as already exists in the UTM

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. DNS Web filter

    DNS Web filter would be a good add to Sophos XG.

    Reference:
    https://cookbook.fortinet.com/dns-web-filtering/

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. logoff user

    We would like the ability to Log a user off by redirecting them to a web page / site.

    At present we are using http://sophos:8090/ to log a user on, but the ability to have a log out button and or feature of the same would be great.

    We are a school, so it helps from time to time.

    Thanks

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Privoxy functionality

    Privoxy is able to supress redirects that google is placing on their search results. OR redirects to analytcs sites.
    Blocking categories makes the search sites not usable.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Web Filtering Category with coinminer type website

    In asia so many bitcoin miner case.
    Taiwan was test target with many countrys.
    so many business customer want to detect inside or outside problem with miner attcked.
    but some miner website is normal and legal.
    Just hacking category can't include all miner webside, just only inlegal webside is not enough.
    Endpoint protection this product has application contral with miner type category.
    so why in XG can't do this?

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. "Skip Logging" for Web Filter Exceptions

    It would be nice if there was the option to "Skip" Logging of specific web requests in the Web filter. For example, I see my logs spammed with certain domains, even if it's blocked, such as ( trouter.io ) and it's quite annoying to sort through.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Find missing certificate in reliable source, such as AIA fetching.

    SOPHOS could deploy in XG a way to locate the missing certificates on a trusted certificate site, otherwise we will have to manually add the CAs to firewall. This feature is possible in browsers thanks to the AIA fetching extension.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Policy change intimations

    I want to intimate my employees whenever the web or Application or traffic shaping policies changes. It has to come as pop-up for the first time login after policy changes.from the second time it should not to come.once they accepts the terms and conditions.

    Is it possible,where i can configure this?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. surfing quota

    Sophos XG's time based quota works on logon time and session. When a user logs on to a machine the session will start and the quota will be triggered.

    If a user has granted web surfing Quota of Daily 1 hour Cyclic and he logons his PC at 9:00 hrs then his quota will expired at 10:00 hrs whether he has used Internet or not.

    As per the support team this is not possible right now and suggested a feature request.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. A URL for people to sign out of captive portal

    Right now if keepalive is not used, if a user closes their preserved browser window there is no way for users to log out. There should be a URL that users can call to log out. This is also a problem when people use iPads or iPhones, which has a network detection utility, and a popup login window. there is no browser logout window that opens when using an apple device.. thus no way for people to logout.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add support for RTMP/RTMPT/RTMPS over Web proxy

    RTMP/RTMPT/RTMPS failed to connect or not working with Allow all and Scanning.

    It is not supported with XG proxy as of now and need to add URLs or server IP under exception to connect with streaming server.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Import URLs in Exception

    In Web Protection Exception, we can not add more than 128 URLs and also there is not option to import. It is tedious job to enter so many URLs for exception.

    One may ask what is the need to make exception for such a large number of URLs, I got stuck in getting the Windows 10 Upgrade and the Support team gave me the list of URLs to add in exception, that is where I faced this issue.

    It'll be helpful in such scenarios where there is a large number of URLs to bypass.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.